1
22
23 package com.liferay.portal.action;
24
25 import com.liferay.portal.CookieNotSupportedException;
26 import com.liferay.portal.NoSuchUserException;
27 import com.liferay.portal.PasswordExpiredException;
28 import com.liferay.portal.PortalException;
29 import com.liferay.portal.SendPasswordException;
30 import com.liferay.portal.SystemException;
31 import com.liferay.portal.UserEmailAddressException;
32 import com.liferay.portal.UserIdException;
33 import com.liferay.portal.UserLockoutException;
34 import com.liferay.portal.UserPasswordException;
35 import com.liferay.portal.UserScreenNameException;
36 import com.liferay.portal.captcha.CaptchaTextException;
37 import com.liferay.portal.captcha.CaptchaUtil;
38 import com.liferay.portal.kernel.servlet.HttpHeaders;
39 import com.liferay.portal.kernel.servlet.SessionErrors;
40 import com.liferay.portal.kernel.servlet.SessionMessages;
41 import com.liferay.portal.kernel.util.Constants;
42 import com.liferay.portal.kernel.util.GetterUtil;
43 import com.liferay.portal.kernel.util.ParamUtil;
44 import com.liferay.portal.kernel.util.StringPool;
45 import com.liferay.portal.kernel.util.Validator;
46 import com.liferay.portal.model.Company;
47 import com.liferay.portal.model.CompanyConstants;
48 import com.liferay.portal.model.User;
49 import com.liferay.portal.security.auth.AuthException;
50 import com.liferay.portal.security.auth.Authenticator;
51 import com.liferay.portal.service.UserLocalServiceUtil;
52 import com.liferay.portal.struts.LastPath;
53 import com.liferay.portal.theme.ThemeDisplay;
54 import com.liferay.portal.util.CookieKeys;
55 import com.liferay.portal.util.PortalUtil;
56 import com.liferay.portal.util.PropsValues;
57 import com.liferay.portal.util.WebKeys;
58 import com.liferay.util.Encryptor;
59 import com.liferay.util.servlet.SessionParameters;
60
61 import java.util.ArrayList;
62 import java.util.Enumeration;
63 import java.util.HashMap;
64 import java.util.List;
65 import java.util.Map;
66
67 import javax.servlet.http.Cookie;
68 import javax.servlet.http.HttpServletRequest;
69 import javax.servlet.http.HttpServletResponse;
70 import javax.servlet.http.HttpSession;
71
72 import org.apache.commons.logging.Log;
73 import org.apache.commons.logging.LogFactory;
74 import org.apache.struts.action.Action;
75 import org.apache.struts.action.ActionForm;
76 import org.apache.struts.action.ActionForward;
77 import org.apache.struts.action.ActionMapping;
78
79
86 public class LoginAction extends Action {
87
88 public static String getLogin(
89 HttpServletRequest request, String paramName, Company company)
90 throws PortalException, SystemException {
91
92 String login = request.getParameter(paramName);
93
94 if ((login == null) || (login.equals(StringPool.NULL))) {
95 login = GetterUtil.getString(
96 CookieKeys.getCookie(request, CookieKeys.LOGIN));
97
98 if (PropsValues.COMPANY_LOGIN_PREPOPULATE_DOMAIN &&
99 Validator.isNull(login) &&
100 company.getAuthType().equals(CompanyConstants.AUTH_TYPE_EA)) {
101
102 login = "@" + company.getMx();
103 }
104 }
105
106 return login;
107 }
108
109 public static void login(
110 HttpServletRequest request, HttpServletResponse response,
111 String login, String password, boolean rememberMe)
112 throws Exception {
113
114 CookieKeys.validateSupportCookie(request);
115
116 HttpSession session = request.getSession();
117
118 long userId = GetterUtil.getLong(login);
119
120 int authResult = Authenticator.FAILURE;
121
122 Company company = PortalUtil.getCompany(request);
123
124 Map<String, String[]> headerMap = new HashMap<String, String[]>();
125
126 Enumeration<String> enu1 = request.getHeaderNames();
127
128 while (enu1.hasMoreElements()) {
129 String name = enu1.nextElement();
130
131 Enumeration<String> enu2 = request.getHeaders(name);
132
133 List<String> headers = new ArrayList<String>();
134
135 while (enu2.hasMoreElements()) {
136 String value = enu2.nextElement();
137
138 headers.add(value);
139 }
140
141 headerMap.put(name, headers.toArray(new String[headers.size()]));
142 }
143
144 Map<String, String[]> parameterMap = request.getParameterMap();
145
146 if (company.getAuthType().equals(CompanyConstants.AUTH_TYPE_EA)) {
147 authResult = UserLocalServiceUtil.authenticateByEmailAddress(
148 company.getCompanyId(), login, password, headerMap,
149 parameterMap);
150
151 userId = UserLocalServiceUtil.getUserIdByEmailAddress(
152 company.getCompanyId(), login);
153 }
154 else if (company.getAuthType().equals(CompanyConstants.AUTH_TYPE_SN)) {
155 authResult = UserLocalServiceUtil.authenticateByScreenName(
156 company.getCompanyId(), login, password, headerMap,
157 parameterMap);
158
159 userId = UserLocalServiceUtil.getUserIdByScreenName(
160 company.getCompanyId(), login);
161 }
162 else if (company.getAuthType().equals(CompanyConstants.AUTH_TYPE_ID)) {
163 authResult = UserLocalServiceUtil.authenticateByUserId(
164 company.getCompanyId(), userId, password, headerMap,
165 parameterMap);
166 }
167
168 if (authResult == Authenticator.SUCCESS) {
169 if (PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) {
170
171
173 Boolean httpsInitial = (Boolean)session.getAttribute(
174 WebKeys.HTTPS_INITIAL);
175
176 LastPath lastPath = (LastPath)session.getAttribute(
177 WebKeys.LAST_PATH);
178
179 try {
180 session.invalidate();
181 }
182 catch (IllegalStateException ise) {
183
184
186 if (_log.isWarnEnabled()) {
187 _log.warn(ise.getMessage());
188 }
189 }
190
191 session = request.getSession(true);
192
193 if (httpsInitial != null) {
194 session.setAttribute(WebKeys.HTTPS_INITIAL, httpsInitial);
195 }
196
197 if (lastPath != null) {
198 session.setAttribute(WebKeys.LAST_PATH, lastPath);
199 }
200 }
201
202
204 String domain = CookieKeys.getDomain(request);
205
206 User user = UserLocalServiceUtil.getUserById(userId);
207
208 String userIdString = String.valueOf(userId);
209
210 session.setAttribute("j_username", userIdString);
211 session.setAttribute("j_password", user.getPassword());
212 session.setAttribute("j_remoteuser", userIdString);
213
214 session.setAttribute(WebKeys.USER_PASSWORD, password);
215
216 Cookie companyIdCookie = new Cookie(
217 CookieKeys.COMPANY_ID, String.valueOf(company.getCompanyId()));
218
219 if (Validator.isNotNull(domain)) {
220 companyIdCookie.setDomain(domain);
221 }
222
223 companyIdCookie.setPath(StringPool.SLASH);
224
225 Cookie idCookie = new Cookie(
226 CookieKeys.ID,
227 UserLocalServiceUtil.encryptUserId(userIdString));
228
229 if (Validator.isNotNull(domain)) {
230 idCookie.setDomain(domain);
231 }
232
233 idCookie.setPath(StringPool.SLASH);
234
235 Cookie passwordCookie = new Cookie(
236 CookieKeys.PASSWORD,
237 Encryptor.encrypt(company.getKeyObj(), password));
238
239 if (Validator.isNotNull(domain)) {
240 passwordCookie.setDomain(domain);
241 }
242
243 passwordCookie.setPath(StringPool.SLASH);
244
245 Cookie rememberMeCookie = new Cookie(
246 CookieKeys.REMEMBER_ME, Boolean.TRUE.toString());
247
248 if (Validator.isNotNull(domain)) {
249 rememberMeCookie.setDomain(domain);
250 }
251
252 rememberMeCookie.setPath(StringPool.SLASH);
253
254 int loginMaxAge = PropsValues.COMPANY_SECURITY_AUTO_LOGIN_MAX_AGE;
255
256 if (PropsValues.SESSION_DISABLED) {
257 rememberMe = true;
258 }
259
260 if (rememberMe) {
261 companyIdCookie.setMaxAge(loginMaxAge);
262 idCookie.setMaxAge(loginMaxAge);
263 passwordCookie.setMaxAge(loginMaxAge);
264 rememberMeCookie.setMaxAge(loginMaxAge);
265 }
266 else {
267
268
274 companyIdCookie.setMaxAge(-1);
275 idCookie.setMaxAge(-1);
276 passwordCookie.setMaxAge(-1);
277 rememberMeCookie.setMaxAge(0);
278 }
279
280 Cookie loginCookie = new Cookie(CookieKeys.LOGIN, login);
281
282 if (Validator.isNotNull(domain)) {
283 loginCookie.setDomain(domain);
284 }
285
286 loginCookie.setMaxAge(loginMaxAge);
287 loginCookie.setPath(StringPool.SLASH);
288
289 Cookie screenNameCookie = new Cookie(
290 CookieKeys.SCREEN_NAME,
291 Encryptor.encrypt(company.getKeyObj(), user.getScreenName()));
292
293 if (Validator.isNotNull(domain)) {
294 screenNameCookie.setDomain(domain);
295 }
296
297 screenNameCookie.setMaxAge(loginMaxAge);
298 screenNameCookie.setPath(StringPool.SLASH);
299
300 CookieKeys.addCookie(response, companyIdCookie);
301 CookieKeys.addCookie(response, idCookie);
302 CookieKeys.addCookie(response, passwordCookie);
303 CookieKeys.addCookie(response, rememberMeCookie);
304 CookieKeys.addCookie(response, loginCookie);
305 CookieKeys.addCookie(response, screenNameCookie);
306 }
307 else {
308 throw new AuthException();
309 }
310 }
311
312 public static void sendPassword(HttpServletRequest request)
313 throws Exception {
314
315 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
316 WebKeys.THEME_DISPLAY);
317
318 Company company = themeDisplay.getCompany();
319
320 if (!company.isSendPassword()) {
321 return;
322 }
323
324 if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
325 CaptchaUtil.check(request);
326 }
327
328 String emailAddress = ParamUtil.getString(request, "emailAddress");
329
330 String remoteAddr = request.getRemoteAddr();
331 String remoteHost = request.getRemoteHost();
332 String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
333
334 UserLocalServiceUtil.sendPassword(
335 PortalUtil.getCompanyId(request), emailAddress, remoteAddr,
336 remoteHost, userAgent);
337
338 SessionMessages.add(request, "request_processed", emailAddress);
339 }
340
341 public ActionForward execute(
342 ActionMapping mapping, ActionForm form, HttpServletRequest request,
343 HttpServletResponse response)
344 throws Exception {
345
346 if (PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS &&
347 !request.isSecure()) {
348
349 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
350 WebKeys.THEME_DISPLAY);
351
352 StringBuilder sb = new StringBuilder();
353
354 sb.append(PortalUtil.getPortalURL(request, true));
355 sb.append(themeDisplay.getURLSignIn());
356
357 response.sendRedirect(sb.toString());
358
359 return null;
360 }
361
362 HttpSession session = request.getSession();
363
364 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
365 WebKeys.THEME_DISPLAY);
366
367 if (session.getAttribute("j_username") != null &&
368 session.getAttribute("j_password") != null) {
369
370 if (PropsValues.PORTAL_JAAS_ENABLE) {
371 return mapping.findForward("/portal/touch_protected.jsp");
372 }
373 else {
374 response.sendRedirect(themeDisplay.getPathMain());
375
376 return null;
377 }
378 }
379
380 String cmd = ParamUtil.getString(request, Constants.CMD);
381
382 if (cmd.equals("already-registered")) {
383 try {
384 login(request, response);
385
386 if (PropsValues.PORTAL_JAAS_ENABLE) {
387 return mapping.findForward("/portal/touch_protected.jsp");
388 }
389 else {
390 String redirect = ParamUtil.getString(request, "redirect");
391
392 if (Validator.isNotNull(redirect)) {
393 response.sendRedirect(redirect);
394 }
395 else {
396 response.sendRedirect(themeDisplay.getPathMain());
397 }
398
399 return null;
400 }
401 }
402 catch (Exception e) {
403 if (e instanceof AuthException) {
404 Throwable cause = e.getCause();
405
406 if (cause instanceof PasswordExpiredException ||
407 cause instanceof UserLockoutException) {
408
409 SessionErrors.add(request, cause.getClass().getName());
410 }
411 else {
412 SessionErrors.add(request, e.getClass().getName());
413 }
414
415 return mapping.findForward("portal.login");
416 }
417 else if (e instanceof CookieNotSupportedException ||
418 e instanceof NoSuchUserException ||
419 e instanceof PasswordExpiredException ||
420 e instanceof UserEmailAddressException ||
421 e instanceof UserIdException ||
422 e instanceof UserLockoutException ||
423 e instanceof UserPasswordException ||
424 e instanceof UserScreenNameException) {
425
426 SessionErrors.add(request, e.getClass().getName());
427
428 return mapping.findForward("portal.login");
429 }
430 else {
431 PortalUtil.sendError(e, request, response);
432
433 return null;
434 }
435 }
436 }
437 else if (cmd.equals("forgot-password")) {
438 try {
439 sendPassword(request);
440
441 return mapping.findForward("portal.login");
442 }
443 catch (Exception e) {
444 if (e instanceof CaptchaTextException ||
445 e instanceof NoSuchUserException ||
446 e instanceof SendPasswordException ||
447 e instanceof UserEmailAddressException) {
448
449 SessionErrors.add(request, e.getClass().getName());
450
451 return mapping.findForward("portal.login");
452 }
453 else {
454 PortalUtil.sendError(e, request, response);
455
456 return null;
457 }
458 }
459 }
460 else {
461 String authLoginURL = PortalUtil.getCommunityLoginURL(themeDisplay);
462
463 if (Validator.isNull(authLoginURL)) {
464 authLoginURL = PropsValues.AUTH_LOGIN_URL;
465 }
466
467 if (Validator.isNotNull(authLoginURL)) {
468 response.sendRedirect(authLoginURL);
469
470 return null;
471 }
472 else {
473 return mapping.findForward("portal.login");
474 }
475 }
476 }
477
478 protected void login(
479 HttpServletRequest request, HttpServletResponse response)
480 throws Exception {
481
482 String login = ParamUtil.getString(request, "login").toLowerCase();
483 String password = ParamUtil.getString(
484 request, SessionParameters.get(request, "password"));
485 boolean rememberMe = ParamUtil.getBoolean(request, "rememberMe");
486
487 login(request, response, login, password, rememberMe);
488 }
489
490 private static Log _log = LogFactory.getLog(LoginAction.class);
491
492 }